Currently, I set
1. allowguests=no
2. simple error "No matching peer found" is given
However, the attacks come always back a few days after changing ip address with 30 register trials per minutes. IP01 cannot work properly as CPU load is too high
1. You have to disable port 22
2. Reduce or even remove the message written on the flash
3. Set a particular option which does not let the intruder know the response message is no valid extensoion or invalid password. Only simple error is given to the intruder.